class UsersController < ApplicationController
  # GET /users
  # GET /users.xml
  def index
    @users = User.find(:all, :order => "lname, fname")

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @users }
    end
  end

  # GET /users/1
  # GET /users/1.xml
  def show
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @user }
    end
  end

  # GET /users/new
  # GET /users/new.xml
  def new
    @user = User.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @user }
    end
  end

  # GET /users/1/edit
  def edit
    @user = User.find(params[:id])
    @user.usernames.each do |username|
      username.password_confirmation = username.password unless username.password.nil?
    end
  end

  # POST /users
  # POST /users.xml
  def create
    @user = User.new(params[:user])
    maintain_passwords

    respond_to do |format|
      if @user.save
        flash[:notice] = 'User was successfully created.'
        format.html { redirect_to(@user) }
        format.xml  { render :xml => @user, :status => :created, :location => @user }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/1
  # PUT /users/1.xml
  def update
    @user = User.find(params[:id])    

    respond_to do |format|
      if @user.update_attributes(params[:user])
        flash[:notice] = 'User was successfully updated.'
        format.html { redirect_to(@user) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.xml
  def destroy
    @user = User.find(params[:id])
    @user.destroy

    respond_to do |format|
      format.html { redirect_to(users_url) }
      format.xml  { head :ok }
    end
  end

  def change_password
    @username = Username.find(params[:id])
    @username.password = nil
    @user = @username.user
  end

  def update_password
    @username = Username.find(params[:username][:id])    
    @username.check_password = true    

    respond_to do |format|
      if @username.update_attributes(params[:username])
        flash[:notice] = 'Username was successfully updated.'
        format.html { redirect_to(@username.user) }
        format.xml  { head :ok }
      else
        @username.password = nil
        format.html { render :action => "change_password", :id => @username.id }
        format.xml  { render :xml => @username.errors, :status => :unprocessable_entity }
      end
    end
  end
 
end
